gssapi/openssh

Dr. Greg Wettstein greg at wind.enjellic.com
Fri May 2 10:39:10 EDT 2003


On Apr 30,  6:25pm, Simon Wilkinson wrote:
} Subject: Re: gssapi/openssh

Good morning to everyone.

> On Wed, 30 Apr 2003, peter duff wrote:
> > I have patched openssh 3.4p1 with simon's gssapi patch, (great job by the
> > way).
> 
> There'll be a patch for openssh 3.6.1p2 available in the next few days.
> This brings the patch up to compliance with the latest version of the
> draft, as well as fixing some encoding issues.

I will second the 'great job' on the GSSAPI patch for SSH.  Its been a
must have for our sites since it first became available.

Any reflections Simon on dealing with the multi-homed host issue?

When I build and deploy 3.6.1p2 I was going to add a patch to the
Kerberos library routines which allow authentication against more than
one entry in a keytab file.  I was just going to statically link the
object file from the modified source into the sshd daemon.  That above
is a modification that Doug Engert suggested.

I would be interested in any thoughts about the best solution from the
SSH/GSSAPI himself... :-)

> Cheers,
> 
> Simon.

Greg

}-- End of excerpt from Simon Wilkinson

As always,
Dr. G.W. Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-4950            WWW: http://www.enjellic.com
FAX: 701-281-3949           EMAIL: greg at enjellic.com
------------------------------------------------------------------------------
"Whenever you find that you are on the side of the majority, it is time to
reform."
                                -- Mark Twin


More information about the Kerberos mailing list